/etc/init.d/vpn
Funktionen
/etc/init.d/vpn start |stop | restart | restart_olsr | restart_tunnel | pingtest | status | check | ifup INTERFACE NODE
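Die Funktion "check" wird alle 5 Minuten per cron ausgeführt. Sie vergleicht die CPU-Zeit von olsrd und vtund im Abstand von 60 Sekunden und startet den OLSR-Dienst bzw. den Tunnel neu, falls der jeweilige Prozess in dieser Zeit keine CPU-Zeit mehr konsumiert hat.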
Skript
#!/bin/sh
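# Report a message twice: to syslog (daemon.info, tagged with the script
# name) and to stdout.
# Arguments: $1 - message text
# Outputs:   the message followed by a newline on stdout
fkt_infotext() {
  # Quoted so that whitespace and glob characters in the message or in the
  # script path reach logger unchanged; "--" keeps a message that starts
  # with "-" from being parsed as a logger option.
  logger -p daemon.info -t "$0" -- "$1"
  # printf instead of echo: echo would treat messages such as "-n" as options.
  printf '%s\n' "$1"
}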
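# Regenerate /etc/olsrd.conf: copy the static header /etc/olsrd.conf_head and
# append one Interface section per tunnel listed in /etc/vtund.conf.
# Reads:   /etc/olsrd.conf_head, /etc/vtund.conf
# Writes:  /etc/olsrd.conf
# Returns: 1 if the header could not be copied
fkt_write_olsrd_conf() {
  fkt_infotext "generating olsrd.conf ..."
  # If the copy fails, the sections below would be appended to whatever
  # olsrd.conf is left over from an earlier run, so stop here instead.
  if ! cp /etc/olsrd.conf_head /etc/olsrd.conf; then
    fkt_infotext "cannot copy /etc/olsrd.conf_head, olsrd.conf not regenerated"
    return 1
  fi
  # Fields 3 and 12 of every line mentioning "ifup" are taken as interface
  # name and node number.
  # NOTE(review): the field positions depend on the exact layout of the
  # ifup lines in vtund.conf, which is not visible here - confirm.
  awk '/ifup/ {print $3, $12}' /etc/vtund.conf |
    while read -r IFACE NODE; do
      # Both values are pasted into the generated config, so only accept an
      # interface name without a double quote and a node number 0..255.
      # A malformed line is skipped and logged rather than written out.
      case $IFACE in
        '' | *\"*)
          fkt_infotext "olsrd.conf: skipping entry with invalid interface name"
          continue
          ;;
      esac
      case $NODE in
        '' | *[!0-9]* | ????*)
          fkt_infotext "olsrd.conf: skipping $IFACE, node number is not numeric"
          continue
          ;;
      esac
      if [ "$NODE" -gt 255 ]; then
        fkt_infotext "olsrd.conf: skipping $IFACE, node number is above 255"
        continue
      fi
      # The here-document body and its terminator stay at column 0 so the
      # generated text is exactly what is written below.
      cat >>/etc/olsrd.conf <<EOF
Interface "$IFACE" {
HelloInterval 50.0
HelloValidityTime 900.0
TcInterval 30.0
TcValidityTime 2700.0
MidInterval 150.0
MidValidityTime 2700.0
HnaInterval 150.0
HnaValidityTime 900.0
Ip4Broadcast 10.63.$NODE.253
LinkQualityMult default 0.1
}
EOF
    done
}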
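# Install the netfilter chains used as traffic counters for the tunnels.
# Four user chains are created and hooked at the top of INPUT and OUTPUT for
# all tap interfaces; UDP port 698 (OLSR) goes to the *_olsr_* chains, and
# everything else on a tap interface goes to the *_user_* chains. One rule
# per tunnel interface from /etc/vtund.conf is then added to each chain so
# that its packet/byte counters can be read with "iptables -nxvL".
# Reads:   /etc/vtund.conf
# Returns: status of the last iptables call in the loop
fkt_netcount_start() {
  fkt_infotext "installing netfilter counters ..."
  iptables -N vpn_user_outgoing
  iptables -N vpn_olsr_outgoing
  iptables -N vpn_user_incoming
  iptables -N vpn_olsr_incoming
  # -I inserts at position 1, so the OLSR hook added second is evaluated
  # before the general hook added first.
  iptables -I OUTPUT -o tap+ -j vpn_user_outgoing
  iptables -I OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing
  iptables -I INPUT -i tap+ -j vpn_user_incoming
  iptables -I INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming
  # NOTE(review): ACCEPT is a terminating target. Because the hooks sit at
  # the top of INPUT and OUTPUT, packets on a listed tunnel interface are
  # accepted here and never reach rules further down those chains. If INPUT
  # holds filtering meant to apply to tunnel traffic, a non-terminating
  # target (-j RETURN) would keep the counters without bypassing it -
  # confirm against the host's ruleset before changing.
  awk '/ifup/ {print $3}' /etc/vtund.conf |
    while read -r IFACE; do
      # Skip empty names and anything iptables would parse as an option.
      case $IFACE in
        '' | -*) continue ;;
      esac
      # The outgoing chains are only reached from OUTPUT, where a packet has
      # no input interface; matching on -i there never matches and leaves
      # the counters at zero. Match the output interface instead.
      iptables -I vpn_user_outgoing -o "$IFACE" -j ACCEPT
      iptables -I vpn_olsr_outgoing -o "$IFACE" -j ACCEPT
      iptables -I vpn_user_incoming -i "$IFACE" -j ACCEPT
      iptables -I vpn_olsr_incoming -i "$IFACE" -j ACCEPT
    done
}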
# Remove the counter chains again: unhook them from OUTPUT and INPUT, then
# flush all four chains and finally delete them.
# Returns: status of the last iptables call
fkt_netcount_stop() {
  fkt_infotext "deleting netfilter counters ..."
  # Unhook first; a chain that is still referenced cannot be deleted.
  iptables -D OUTPUT -o tap+ -j vpn_user_outgoing
  iptables -D OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing
  iptables -D INPUT -i tap+ -j vpn_user_incoming
  iptables -D INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming
  # One pass with -F (flush) over every chain, then one pass with -X (delete).
  for _vpn_op in -F -X; do
    for _vpn_chain in vpn_olsr_outgoing vpn_user_outgoing \
      vpn_olsr_incoming vpn_user_incoming; do
      iptables "$_vpn_op" "$_vpn_chain"
    done
  done
}
# Start the vtun daemon with /etc/vtund.conf and the -s flag.
# Returns: exit status of vtund
fkt_start_vtund() {
  fkt_infotext "starting vtun-daemon ..."
  # Positional parameters are local to the function call, so they make a
  # convenient argument list.
  set -- -f /etc/vtund.conf -s
  vtund "$@"
}
# Start the OLSR daemon with the generated /etc/olsrd.conf and debug level 0.
# Returns: exit status of olsrd
fkt_start_olsrd() {
  fkt_infotext "starting olsr-daemon ..."
  # Positional parameters are local to the function call, so they make a
  # convenient argument list.
  set -- -f /etc/olsrd.conf -d 0
  olsrd "$@"
}
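# Stop olsrd: send TERM, give the process a few seconds to exit, and only
# then fall back to KILL.
# Globals: PID (written)
# Returns: 0
fkt_kill_olsrd() {
  fkt_infotext "ending olsrd-process ..."
  PID=$(pidof olsrd)
  [ -n "$PID" ] || return 0
  # pidof may print several PIDs separated by spaces; $PID is left unquoted
  # on purpose so that each one becomes its own argument. The TERM signal
  # needs the PID list - a bare "kill" signals nothing and the daemon would
  # go straight to KILL without a chance to shut down cleanly.
  kill $PID
  # Grace period: poll for up to 5 seconds before escalating.
  _vpn_tries=5
  while [ "$_vpn_tries" -gt 0 ]; do
    PID=$(pidof olsrd)
    [ -n "$PID" ] || return 0
    sleep 1
    _vpn_tries=$((_vpn_tries - 1))
  done
  PID=$(pidof olsrd)
  if [ -n "$PID" ]; then
    fkt_infotext "olsrd did not exit on TERM, sending KILL ..."
    kill -9 $PID
  fi
  return 0
}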
# Stop vtund by sending the default signal (TERM) to every running vtund
# process. The function does not wait for the processes or check afterwards
# that they are gone.
# Globals: PID (written)
# Returns: status of kill, or 1 when no vtund process was found
fkt_kill_vtund() {
  fkt_infotext "ending vtund-process ..."
  PID=$(pidof vtund)
  # $PID stays unquoted: pidof may list several PIDs and each one has to be
  # passed to kill as a separate argument.
  [ -n "$PID" ] && kill $PID
}
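# Configure a tunnel interface for one node ("ifup INTERFACE NODE"):
# assign 10.63.NODE.254/30 with broadcast 10.63.NODE.255, set the MTU to
# 1450, bring the link up and add a host route to 10.63.NODE.253.
# Arguments: $1 - interface name
#            $2 - node number (0..255, becomes the third address octet)
# Returns:   1 on invalid arguments, otherwise the status of "ip route add"
fkt_interface_up() {
  # Both arguments end up on ip command lines. Reject anything that is not a
  # plain interface name or a number in octet range, so that a malformed
  # call cannot turn into extra options or a broken address.
  case $1 in
    '' | -* | *[!A-Za-z0-9_.-]*)
      fkt_infotext "ifup: invalid interface name"
      return 1
      ;;
  esac
  case $2 in
    '' | *[!0-9]* | ????*)
      fkt_infotext "ifup: node number for $1 must be a number from 0 to 255"
      return 1
      ;;
  esac
  if [ "$2" -gt 255 ]; then
    fkt_infotext "ifup: node number for $1 must be a number from 0 to 255"
    return 1
  fi
  fkt_infotext "starting interface $1 for node $2 ..."
  ip addr add dev "$1" "10.63.$2.254/30" brd "10.63.$2.255"
  ip link set "$1" mtu 1450 up
  fkt_infotext "setting host-routes for node $2 ..."
  ip route add "10.63.$2.253" dev "$1"
}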
# Print the heading for the olsrd part of the status report. Only the
# heading is emitted; the daemon itself is not queried here.
fkt_status_olsrd() {
  set -- "status olsrd:"
  fkt_infotext "$1"
}
# Print one status line per running tunnel process, sorted.
# The process list is scanned for lines containing "tap". awk splits such a
# line on the literal string "tap", so $2 is the text that follows the first
# "tap". That text is coerced to a number (NO=$2*1), printed as "tap NN - ",
# and the matching "device tapNN " line is looked up in /etc/vtund.conf.
# Reads: process list (ps ax), /etc/vtund.conf
fkt_status_vtund() {
fkt_infotext "status vtund:"
# system() hands its string to a shell. Only NO, the result of the
# arithmetic coercion, is pasted into that string, so text from the process
# list cannot reach the shell as anything other than a number.
# NOTE(review): $2 can carry trailing text after the digits; whether the
# "<99 && >=0" filter then compares numerically or as strings depends on
# awk's comparison rules - confirm it selects what is intended.
ps ax|
awk -F tap '/tap/ {
if($2<99&&$2>=0){
NO=$2*1
printf("tap %2i - ",NO)
system("grep \"device tap"NO" \" /etc/vtund.conf")
}
}'|
sort
}
# Print the packet and byte counters of the three built-in filter chains
# (numeric, exact values, verbose).
# Returns: status of the last iptables call
fkt_status_netcount() {
  fkt_infotext "status netcount:"
  for _vpn_chain in INPUT FORWARD OUTPUT; do
    iptables -nxvL "$_vpn_chain"
  done
}
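# Ping both addresses of every tunnel listed in /etc/vtund.conf: first
# 10.63.NODE.253 for all tunnels, then 10.63.NODE.1 for all tunnels.
# For each tunnel the first field of its ifup line is printed as a label,
# followed by the "64 bytes" reply lines of ping and an empty line.
# Reads:   /etc/vtund.conf
# Outputs: report on stdout, skipped entries on stderr
fkt_pingall_clients() {
  for _vpn_host in 253 1; do
    # NOTE(review): fields 1 and 12 are taken as label and node number; the
    # positions depend on the layout of the ifup lines in vtund.conf -
    # confirm.
    awk '/ifup/ {print $1, $12}' /etc/vtund.conf |
      while read -r _vpn_name _vpn_node; do
        # The node number becomes part of the ping target. It is checked in
        # the shell and passed as a plain argument; building a command
        # string from config fields (awk system()) would let a malformed
        # field run as shell text.
        case $_vpn_node in
          '' | *[!0-9]* | ????*)
            printf '%s: skipped, node number is not numeric\n' \
              "$_vpn_name" >&2
            continue
            ;;
        esac
        if [ "$_vpn_node" -gt 255 ]; then
          printf '%s: skipped, node number is above 255\n' "$_vpn_name" >&2
          continue
        fi
        # The label is data, never the printf format string.
        printf '%s: ' "$_vpn_name"
        # stdin is detached so ping cannot consume the loop's input.
        ping -c 3 "10.63.$_vpn_node.$_vpn_host" </dev/null | grep "64 bytes"
        printf '\n'
      done
  done
}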
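# Print the CPU-time column of top for one process.
# Arguments: $1 - PID (may be empty), $2 - process name
# Outputs:   field 11 of the matching top line, or nothing if $1 is empty
# NOTE(review): field 11 is assumed to be the accumulated CPU time (TIME+)
# in top's batch output - this depends on top's column configuration.
_fkt_cpu_time() {
  # No PID means the daemon is not running; report "no value" explicitly
  # instead of calling top with a missing -p argument.
  [ -n "$1" ] || return 0
  top -p "$1" -n 1 -b | awk -v name="$2" 'index($0, name) {print $11}'
}

# Watchdog for olsrd and vtund ("check"): sample the CPU time of both
# daemons, wait 60 seconds, sample again, and restart every daemon whose
# value did not change. A daemon that is not running yields two empty
# samples and is therefore restarted as well.
# Globals: BIN_OLSR, BIN_VTUN, PID_OLSR, PID_VTUN, OLSR_TIME_1, OLSR_TIME_2,
#          VTUN_TIME_1, VTUN_TIME_2 (written)
fkt_check_olsr_and_tunnel () {
  BIN_OLSR="olsrd"
  BIN_VTUN="vtund"
  # The PIDs are looked up once so that both samples refer to the same
  # process.
  PID_OLSR=$(pidof -s "$BIN_OLSR")
  PID_VTUN=$(pidof -s "$BIN_VTUN")
  OLSR_TIME_1=$(_fkt_cpu_time "$PID_OLSR" "$BIN_OLSR")
  VTUN_TIME_1=$(_fkt_cpu_time "$PID_VTUN" "$BIN_VTUN")
  sleep 60
  OLSR_TIME_2=$(_fkt_cpu_time "$PID_OLSR" "$BIN_OLSR")
  VTUN_TIME_2=$(_fkt_cpu_time "$PID_VTUN" "$BIN_VTUN")
  if [ "$OLSR_TIME_1" = "$OLSR_TIME_2" ]; then
    # Leave a trace in syslog so that watchdog restarts can be told apart
    # from manual ones.
    fkt_infotext "check: olsrd used no CPU time or is not running, restarting ..."
    "$0" restart_olsr
  fi
  if [ "$VTUN_TIME_1" = "$VTUN_TIME_2" ]; then
    fkt_infotext "check: vtund used no CPU time or is not running, restarting ..."
    "$0" restart_tunnel
  fi
}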
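# Command dispatch: the first argument selects the action, "ifup" takes the
# interface name and node number as second and third argument.
# Exit status: 2 for a missing or unknown command or missing ifup arguments,
# otherwise the status of the last command of the selected action.
VPN_USAGE="Usage: $0 ( start |stop | restart | restart_olsr | restart_tunnel | pingtest | status | check | ifup INTERFACE NODE)"
case "$1" in
  start)
    fkt_infotext "Starting freifunk-VPN ..."
    fkt_write_olsrd_conf
    fkt_netcount_start
    fkt_start_vtund
    fkt_start_olsrd
    ;;
  stop)
    fkt_infotext "Stopping freifunk-VPN ..."
    fkt_kill_olsrd
    fkt_kill_vtund
    fkt_netcount_stop
    ;;
  restart)
    "$0" stop
    "$0" start
    ;;
  restart_olsr)
    fkt_infotext "Stopping/Starting freifunk-olsr ..."
    fkt_kill_olsrd
    fkt_start_olsrd
    ;;
  restart_tunnel)
    fkt_infotext "Stopping/Starting freifunk-tunnel ..."
    fkt_kill_vtund
    fkt_start_vtund
    ;;
  status)
    fkt_status_olsrd
    fkt_status_vtund
    fkt_status_netcount
    ;;
  check)
    fkt_check_olsr_and_tunnel
    ;;
  pingtest)
    fkt_pingall_clients
    ;;
  ifup)
    # Both values are used to build addresses and ip command lines, so a
    # call without them is refused instead of configuring a broken address.
    if [ "$#" -lt 3 ]; then
      printf '%s\n' "$VPN_USAGE" >&2
      exit 2
    fi
    # Quoted so that each value stays a single argument.
    fkt_interface_up "$2" "$3"
    ;;
  *)
    printf '%s\n' "$VPN_USAGE" >&2
    exit 2
    ;;
esac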